Systems and methods for providing security via interactive media

ABSTRACT

Methods and systems for providing security and verifying a human user and/or an authorized user are described. A system may include a processor and a non-transitory, processor-readable storage medium. The non-transitory, processor-readable storage medium may include one or more programming instructions that, when executed, cause the processor to receive a request to access a secured resource, provide a verification challenge to a user via a user interface, receive at least one input from the user in response to the verification challenge, and determine that the at least one input corresponds to at least one parameter indicative of a human user. The verification challenge may include a game.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the priority benefit of U.S. Provisional PatentApplication No. 61/778,132, filed Mar. 12, 2013 and entitled “SecuritySystems Using Interactive Media,” the contents of which is incorporatedherein by reference in its entirety.

BACKGROUND

Personal security, particularly with respect to the Internet, has been aprimary concern for individuals and business that conduct activitiesonline. Entities devoted to security subversion have become increasinglysophisticated and have been able to circumvent some of the strongestsecurity measures in the world. Accordingly, there exists a constantneed for improved security measures.

Illustrative methods of subverting security measures may involve usingone or more computing systems, such as a bot, a botnet, and/or the like,to generate an attack. Such methods can be particularly useful in usingautomated techniques to guess passwords. Previous attempts to preventsuch automated techniques have resulted in security measures that usechallenge-response testing to determine whether an entity requestingaccess to an account is a human or a computing system. Suchchallenge-response testing generally requires an entity to entercharacters from a distorted image to verify that the entity is a humanuser. For a time, the challenge-response testing was successful inverifying an entity was human. However, advances in computing technologyhave made such challenge-response testing less effective.

Other illustrative methods of subverting security measures may includeunauthorized users posing as authorized users to gain access to asecured resource. In such methods, the unauthorized user may haveinformation pertinent to an authorized user that is used to “trick” thesecurity measures into allowing the unauthorized user access to thesecured resource. Current methods include requiring an authorized userto provide additional security information when setting up an account,such as, for example, a mother's maiden name, a name of a dog, an oldaddress, and/or the like. However, such information is easily obtainableby unauthorized users.

SUMMARY

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input corresponds to at least one parameter indicative of ahuman user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input does not correspond to at least one parameter indicativeof a human user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input corresponds to at least one parameter indicative of ahuman user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input does not correspond to at least one parameter indicativeof a human user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input corresponds to at least one parameter indicative of anauthorized user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input does not correspond to at least one parameter indicativeof an authorized user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input corresponds to at least one parameter indicative of anauthorized user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input does not correspond to at least one parameter indicativeof an authorized user. The verification challenge may include a game.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a flow diagram of an illustrative method of verifying ahuman user according to an embodiment.

FIG. 2 depicts a flow diagram of a second illustrative method ofverifying a human user according to an embodiment.

FIG. 3 depicts a flow diagram of a third illustrative method ofverifying a human user according to an embodiment.

FIG. 4 depicts a flow diagram of a fourth illustrative method ofverifying a human user according to an embodiment.

FIG. 5 depicts a block diagram of an illustrative networked systemaccording to an embodiment.

FIG. 6 depicts a block diagram of an illustrative computing deviceaccording to an embodiment.

FIG. 7 depicts an illustrative verification challenge according to anembodiment.

FIG. 8 depicts a second illustrative verification challenge according toan embodiment.

FIG. 9 depicts a third illustrative verification challenge according toan embodiment.

FIG. 10 depicts a fourth illustrative verification challenge accordingto an embodiment.

FIG. 11 depicts a fifth illustrative verification challenge according toan embodiment.

FIG. 12 depicts a sixth illustrative verification challenge according toan embodiment.

DETAILED DESCRIPTION

This disclosure is not limited to the particular systems, devices andmethods described, as these may vary. The terminology used in thedescription is for the purpose of describing the particular versions orembodiments only, and is not intended to limit the scope.

As used in this document, the singular forms “a,” “an,” and “the”include plural references unless the context clearly dictates otherwise.Unless defined otherwise, all technical and scientific terms used hereinhave the same meanings as commonly understood by one of ordinary skillin the art. Nothing in this disclosure is to be construed as anadmission that the embodiments described in this disclosure are notentitled to antedate such disclosure by virtue of prior invention. Asused in this document, the term “comprising” means “including, but notlimited to.”

The following terms shall have, for the purposes of this application,the respective meanings set forth below.

A “user” is not limited by this disclosure, and includes one or moreentities or people using of any of the components and/or elementsthereof as described herein. For example, a user can be a researcher, anexpert, a player, an administrator, a developer, a group of individuals,and/or the like. In some embodiments, interactions between multipleusers may be various users of the same category, such as, for example,multiple players, multiple researchers, multiple experts, multipleadministrators, multiple developers, multiple groups, and/or the like.In some embodiments, interactions between multiple users may be varioususers of differing categories, such as, for example, a player and aresearcher, a player and an expert, a player and an administrator,and/or the like. A “human user” refers to a user who is a human beingthat accesses a user interface. A “non-human user” refers to any otheruser, particularly a machine, a computing device, or the like, thataccesses a user interface, usually under the direction of a human userfor malicious or non-malicious purposes. The non-human user may also bereferred to herein as a “bot.” Accordingly, the terms may be usedinterchangeably herein.

An “electronic device” refers to a device that includes a processor anda tangible, computer-readable memory or storage device. The memory maycontain programming instructions that, when executed by the processingdevice, cause the device to perform one or more operations according tothe programming instructions. Examples of electronic devices includepersonal computers, supercomputers, gaming systems, televisions, mobiledevices, medical devices, telescopes, satellites, recording devices,automatic teller machines, kiosks, electronic locks, and/or the like.

A “mobile device” refers to an electronic device that is generallyportable in size and nature, or is capable of being operated while intransport. Accordingly, a user may transport a mobile device withrelative ease. Examples of mobile devices include pagers, cellularphones, feature phones, smartphones, personal digital assistants (PDAs),cameras, tablet computers, phone-tablet hybrid devices (“phablets”),laptop computers, netbooks, ultrabooks, global positioning satellite(GPS) navigation devices, in-dash automotive components, media players,watches, and the like.

A “computing device” is an electronic device, such as a computer, aprocessor, a memory, and/or any other component, device or system thatperforms one or more operations according to one or more programminginstructions.

A “secured resource” refers to one or more objects, locations, and/orsystems to which access is restricted or partially restricted by asecurity device and/or a security feature. A secured resource may be,for example, a physical location, such as a building or a room in abuilding. Such a secured resource may also include a security devicesuch as a locking mechanism on a door. A secured resource may also be anoutdoor location, protected by, for example, a fence with a lockinggate. A secured resource may also be a garage or parking area, where thesecurity device may be, for example, a garage door or vehicle barrier. Asecured resource may be at least one computer and/or components thereof,at least one computer network, at least one electronic device, and/orthe like where the security device may be, for example, a microprocessorand/or other electronic circuitry programmed to selectively restrict useof the secured resource.

A “user interface” is an interface which allows a user to interact witha computer or computer system. The user interface may also be referredto as a “human interface device.” A user interface may generally provideinformation or data to the user and/or receive information or data fromthe user. The user interface may enable input from a user to be receivedby the computer and may provide output to the user from the computer.Accordingly, the user interface may allow a user to control ormanipulate a computer and may allow the computer to indicate the effectsof the user's control or manipulation. The display of data orinformation on a display or a graphical user interface is a non-limitingexample of providing information to a user. The receiving of datathrough a keyboard, mouse, trackball, touchpad, pointing stick, graphicstablet, joystick, gamepad, webcam, headset, gear sticks, steering wheel,pedals, wired glove, dance pad, remote control, and accelerometer arenon-limiting examples of user interface components which enable thereceiving of information or data from a user.

“Gameplay” refers to a specific way in which one or more users interactwith a game and includes all interaction between the one or more usersand the game. Gameplay can be a pattern defined through one or more gamerules, a connection between a user and the game, a challenge presentedto a user from the game, a method employed by a user in overcoming thechallenges, a plot of the game, turn-by-turn directions in a game, auser's interaction with computer-generated characters and situations, auser's interaction with other users, and a user's connection to thegame. The gameplay can be interesting, therapeutic, beneficial, and/orengaging to the user, thereby increasing the likelihood that the userinteracts with the game for extended periods of time, provideshigh-quality inputs (for example, relevant and significant inputs), andreturns to play the game multiple times.

A “game” refers to a board game, an electronic game, a gesture-basedgame, a massively multiplayer online game (MMOG), a social network-basedgame, a complex game, and/or the like, and may further include anynumber of activities, exercises, and interactions. The game may becreated by a software developer, an administrator, or the like. In someembodiments, creation of the game may be completed by a user based uponthe user's interaction with another game. While the present disclosuregenerally relates to games for verifying a human user, those skilled inthe art will recognize that the scope of the present disclosure mayadditionally relate to entertainment, therapeutic exercises, learningand development exercises, medical diagnosis exercises, feedbackgathering exercises, proof of human input systems, exercises forassessment and evaluation, interactive advertising, newsfeed gathering,personal content organization, and the like. Furthermore, the datacollected from activities presented herein may further be used forpurposes such as data mining, information retrieval, data organization,data sorting, data indexing, analytic gathering, known problems, andscientific problems. In some embodiments, the data may be used foradvertising content customization and/or recommendations systems.

Current techniques for providing a security feature and restrictingaccess to a secured resource include, for example, a security keypadand/or a card reader that is physically present at the entrance to alocation or on an electronic device, security firewalls that interfaceon an electronic device or through a network, and measures that preventnon-human access to a secured resource such as a Completely AutomatedPublic Turing test to tell Computers and Humans Apart (CAPTCHA). Suchsecurity features are subject to circumvention due to passcode/PINnumber theft via shoulder surfing, guesswork, and/or the like. Certainbiometric features may be useful in avoiding circumvention attempts, butmay be more expensive and may require sophisticated algorithms andresources to implement.

The present disclosure relates generally to systems and methods forproviding a security feature that verifies that a user requesting accessto a secured resource is a human user and/or an authorized user. Thesecurity feature may incorporate an interactive interface for the userto play a game. The security feature only allows access to human usersafter the game is played under particular parameters such that a humanpresence at the interactive interface is verified. The security featurealso only allows access to authorized users by learning particularinputs and/or obtaining particular data specific to an authorized userthat an unauthorized user would not be able to fake or obtain. Thus, thesecurity feature may be adaptive such that it can learn how a userthinks and/or behaves over time and adapt to the learned information.Accordingly, the security feature, after learning about a user, iscapable of intelligently recognizing the user. In some embodiments, thesystems and methods described herein can be used in a clinical setting,such as, for example, to ensure that a user is sufficiently cognitivelyaware to gain access to the secured resource. Thus, if a user with acognitive impairment wishes to unlock a door, he/she may be required tocorrectly provide inputs in response to a verification challenge thatconfirm his/her cognitive awareness.

FIGS. 1-4 depict flow diagrams of illustrative methods of verifying ahuman user and/or an authorized user according to various embodiments.The methods depicted in FIGS. 1-4 may be used alternatively or inconjunction with each other. Thus, for example, the method of FIG. 2 maybe incorporated with the method of FIG. 4 such that the processesperformed according to both figures are completed.

FIG. 1 depicts a flow diagram of a first illustrative method ofverifying a human user and/or an authorized user according to anembodiment. The method may include receiving 105 a request, such as, forexample, a request to access a secured resource. The request maygenerally come from a user, particularly a user of an electronic device.The request is not limited by this disclosure, and may generally be anytype of request. For example, a request may be received 105 when a userclicks on a link to a secured resource, when a user attempts to enter apassword, a passcode, a PIN number, and/or the like, when a user types aweb address of a secure server, when a user provides biometric data(such as a fingerprint or a retinal scan) to a secure entry interface,when a user attempts to purchase an item, when a user activates anelectronic device, when a user turns an electronic device on, and/or thelike.

The method may further include providing 110 a verification challenge tothe user. In some embodiments, the verification challenge may generallybe any challenge that verifies the user is a human user. Thus, theverification challenge provides a method of determining whether a useris human or non-human, such as a bot. In some embodiments, theverification challenge may generally be any challenge that verifies theuser is an authorized user. Thus, the verification challenge provides amethod of determining whether a user is authorized or unauthorized. Insome embodiments, the verification challenge may be a game. Illustrativegames include, but are not limited to, a floating balloon game, a mazegame, a cutting game, a puzzle game, and a memory game. In someembodiments, the verification challenge may include one or more requeststhat the user complete certain tasks. In some embodiments, providing 110the verification challenge may further include stipulating that the userprovide information regarding other users that is known only to theuser. For example, a user may need to know an aspect of another user'sgameplay, achievements, avatars, collectibles, levels, status, and/orthe like in order to respond to a verification challenge. Accordingly,in instances where a hacker has obtained the user's information, he/shewould not be able to access the secured resource without obtaininginformation regarding additional users. Illustrative verificationchallenges will be described in greater detail with respect to FIGS.7-12 herein.

At least one input may be received 115 from the user in response to theprovided 110 verification challenge. The at least one input maycorrespond to one or more of the user's responses to the verificationchallenge. Illustrative inputs may include keystrokes, gestures, audioinputs, video inputs, haptic inputs, and/or various touch commands, suchas, for example, a swipe, a tap, a double tap, a pinch, and/or the like.In some embodiments, the input may be received 115 over a particularperiod of time, as described in greater detail herein. The number ofinputs is not limited by this disclosure, and may generally be anynumber that is provided by the user, particularly a number of inputsnecessary to respond to the verification challenge. In some embodiments,no input may be received. For example, if an input is not receivedwithin a particular period of time, it may be determined that no inputhas been received. The period of time is not limited by this disclosure,and may generally be any period of time. Illustrative periods of timemay include, but are not limited to, about 30 seconds, about 1 minute,about 2 minutes, about 3 minutes, about 4 minutes, about 5 minutes,about 6 minutes, about 7 minutes, about 8 minutes, about 9 minutes,about 10 minutes or greater, or any value or range between any two ofthese values (including endpoints). In such an instance, the request istreated as non-responsive and access is denied 125 to the user, asdescribed in greater detail herein.

The method may further include determining 120 whether the inputsreceived 115 correspond to inputs expected of a human user and/or anauthorized user. Such a determining step may include, for example, anyone of receiving each input, determining a timing of the input,receiving inputs from one or more sensors, and/or receiving locationdata.

Determining a timing of each input may generally include observing anamount of time that elapses between when the verification challenge isprovided 110 and when the input (or first input in a series of inputs)is received 115. The amount of time may generally be an expected amountof time necessary for the user to respond to the challenge. Such anexpected amount of time may be developed via observation, testing,estimation, experience, and/or the like. In some embodiments, theexpected amount of time may be a range of expected amounts of time. Insome embodiments, the expected amount of time may be an amount of timethat has been learned after observing the authorized user's tendenciesover several login attempts to determine how much time the user takes toprovide the inputs. If the input (or first input in a series of inputs)is received from the user outside of the expected time, it may bedetermined that the user is non-human or unauthorized. For example, ifan input is received at a time that is less than the expected time, suchan input may be determined as being received from non-humans, ascomputers, machines, and/or the like may be capable of responding tostimuli much more quickly than a human would be able to respond.Similarly, if an input is received at a time that is greater than theexpected time, such an input may be determined as being received from anon-human or an unauthorized user. In particular, computers, machinesand/or the like may be capable of copying the verification challenge andattempting numerous iterations to determine how to bypass it beforeproviding an input. Similarly, unauthorized users may be capable oftaking extra time to determine an appropriate input, such as byresearching a correct response and/or the like. In some embodiments,determining a timing of a plurality of inputs may include observingpauses and/or periods of inactivity between inputs. Such pauses and/orperiods of inactivity may be indicative of a human or a non-human user,as well as an authorized or unauthorized user, depending on the type ofverification challenge.

Receiving an input from one or more sensors may generally includereceiving information gathered by a sensor and using the information todetermine whether the user is a human and/or authorized. The type ofsensor is not limited by this disclosure, and may be any device capableof receiving stimuli. Illustrative examples of sensors may include, butare not limited to, a biometric sensor, a camera, a microphone, a touchsensor, a motion sensor, an accelerometer, a barometer, an infraredsensor, and/or the like. For example, a biometric sensor may be used todetermine if a user is human by obtaining a retinal scan, a fingerprint,a handprint, a body temperature reading, and/or any other type ofmeasurement that would reasonably only come from a human, as machines,computers, and/or the like would have difficulty replicatingbiometrically obtained information. Furthermore, a biometric sensor maybe used to verify that the human user is an authorized human user byreading biometric markers that an unauthorized user would not be able tofake or could not reasonably know/discover. In another example, a cameramay be used to view the user and/or recognize a body part, such as aface, of the user to verify that the user is human and/or an authorizedhuman. In another example, a microphone may be used to receive audioinputs from a user, such as voice commands, whistling, and/or the like.In some embodiments, the biometrically obtained information may be usedto determine whether the user is under duress (for example, by measuringpulse rate, eye movement, respiration rate, perspiration, and/or thelike). Such a determination may be an indicator that the user is beingforced to enter information against his/her own will.

Receiving location data may generally be obtained using one or moregeolocation technologies. For example, location data may be received viaa global positioning satellite (GPS) system, via a cellular telephonenetwork system, via a wireless communication protocol system, and/or thelike. Such location data may be used to verify that the user is locatedin an expected area. For example, a permanently-located keypad inDenver, Colo. would reasonably be expected to transmit geolocationcoordinates that correspond to its permanent installation when itreceives inputs from a user. However, if inputs are received from a botthat is located in Czechoslovakia or from a masked location, it may berecognized that a human is not attempting to access the secured resourceat the keypad location in Denver.

In some embodiments, determining 120 may additionally account forvarious known and/or learned physiological features of an authorizedhuman user. For example, if a human user is red-green color blind andsuch a trait is known and/or learned, the verification challenge mayprovide an arrangement of red objects, green objects, white objects, andother-colored objects and request that the user select all coloredobjects, while knowing that the red-green color blind user will notselect any of the red or green objects, but will select other-coloredobjects and omit the white objects. Thus, determining 120 may be basedon whether any red or green objects were selected.

If the determination 120 is that the user is human and/or authorized,access to the secured resource may be granted 145. However, if thedetermination 120 is that the user is non-human and/or unauthorized,access to the secured resource may be denied 125. Denial 125 of accessmay generally include disallowing the user from accessing the securedresource. In some embodiments, such as in instances when a bona fidehuman user or a bona fide authorized user makes an error during theverification challenge, he/she may be allowed to attempt theverification challenge again, at which the verification challenge may beprovided 110 again, and new inputs may be received 115 from the user. Insome embodiments, a different verification challenge may be provided110. In other embodiments, the same verification challenge may beprovided 110. In some embodiments, the number of times a user may beprovided 110 with a verification challenge without providing a correctresponse may be limited. Such a limitation may prevent recurringincorrect attempts by a non-human user to access the secured resource.The number of times that a verification challenge may be provided 110without receiving a correct response is not limited by this disclosure,and may include, for example, about 2 times, about 3 times, about 5times, about 10 times, or any value or range between any two of thesevalues (including endpoints).

In some embodiments, as shown in FIG. 2, in addition to denying 225access to the determined 220 non-human or unauthorized user, the usermay be notified 230 of the denial of access. The notification 230 is notlimited by this disclosure, and may generally be any notification,including, but not limited to, a text notification, an audionotification, a video notification, an alert, and/or the like. In someembodiments, the type of notification may be dependent upon theinterface device used by the user to access the secured resource. Forexample, if the user attempts to access the secure device via asmartphone equipped with a speaker, the notification may be an audioalert, such as a chime or a ding, to notify the user of the denied 225access. In some embodiments, as described in greater detail herein, theuser may be provided 210 with the verification challenge again.

In some embodiments, as shown in FIG. 3, in addition to denying 325access to the determined 320 non-human or unauthorized user, anadministrator may be notified of the denial of access. The administratoris not limited by this disclosure, and may be any person or entity thatmay benefit from such a notification 335. For example, a user or entitythat controls the secured resource may be notified 335. The notification335 is not limited herein, and may be any type of notification,including, but not limited to, a text notification, an audionotification, a video notification, an alert, identification of theresource, identification of the user interface and/or the device used toaccess the user interface, and/or the like. For example, thenotification 335 may be an email alert sent to the administrator notingthe details of the denied 325 access, such as, for example, the type ofverification challenge, the inputs that were received 315, varioussensor data that was obtained, location data, a date and time of thedenied access, and/or the like. In some embodiments, as described ingreater detail herein, the user may be provided 310 with theverification challenge again.

In some embodiments, as shown in FIG. 4, in addition to denying 425access to the determined 420 non-human or unauthorized user, informationmay be recorded 440 regarding the denial of access. The information isnot limited by this disclosure, and may generally be any informationthat is pertinent to the denial 425 of access to the secured resource.Illustrative examples of information that may be recorded 440 include,but are not limited to, the type of verification challenge, the inputsthat were received 415, various sensor data that was obtained, locationdata, a date and time of the denied access, identification of theresource, identification of the user interface and/or the device used toaccess the user interface, and/or the like. In some embodiments, asdescribed in greater detail herein, the user may be provided 410 withthe verification challenge again.

FIG. 5 depicts an illustrative networked system according to anembodiment. The system may generally include at least one server 515 andat least one input device 505. The at least one server 515 maycommunicate with the at least one input device 505 via anycommunications protocol now known or later developed. In someembodiments, the server 515 and the input device 505 may communicate viaa network 500, such as, for example, the internet, an intranet, a widearea network, a personal network, and/or the like.

The server 515 may generally contain at least a portion of the securedresource and/or may be configured to provide access to the securedresource, as described in greater detail herein. The server 515 is notlimited by this disclosure, and may be any computing device and/orcomponents thereof, such as, for example, the computing device describedherein with respect to FIG. 6.

The input device 505 may generally be a device that receives inputs froma user, as described in greater detail herein. In some embodiments, theinput device 505 may contain and/or implement a user interface to allowthe user to access the secured resource. In some embodiments, the inputdevice 505 may contain at least a portion of the secured resource in astorage device therein. The input device 505 is not limited by thisdisclosure, and may be any electronic device and/or components thereof,including, for example, at least one sensor 510. In some embodiments,the input device 505 may be a user's personal electronic device, suchas, for example, a computer, a smartphone, a tablet, and/or the like.

In some embodiments, the input device 505 may be a supplemental means ofproviding, receiving, and/or processing the inputs received from theuser. For example, the input device 505 may include an optical filtermodule in a touch screen interface that is configured to change a colorof a displayed object that is not directed by the server 515. Thus, forexample, the server 515 may request that a user click on all circlesthat are colored a certain way, but the input device 505 selects theactual coloring of each circle and never communicates coloring data tothe server 515. Such an arrangement may prevent a malicious attackerfrom attempting to bypass the input device 505 to access the securedresource directly from the server 515.

The input device 505 may additionally be configured to provideadditional information to the server 515 at the time it receives inputsfrom the user. For example, the input device 505 may be configured toreceive information from at least one sensor 510. The sensor mayinclude, but is not limited to, a biometric sensor, a camera, amicrophone, a touch sensor, a motion sensor, an accelerometer, abarometer, an infrared sensor, and/or the like, as described in greaterdetail herein. Illustrative information may include, but is not limitedto, biometric data of the user interacting with the input device 505,imaging information, sound information, touch information, pressureinformation, device movement information, device location, informationregarding the environment in which the device is located, and/or thelike. In some embodiments, the sensor 510 may be configured to sense theamount of pressure the user places on the input device 505 whenresponding to a challenge. In some embodiments, the sensor 510 mayreceive information regarding a user's eye movements. In someembodiments, the sensor 510 may receive information regardingenvironmental parameters, such as, for example, moisture and/or smoke.

FIG. 6 depicts a block diagram of illustrative internal hardware thatmay be used to contain or implement program instructions, such as theprocess steps discussed herein, according to various embodiments. A bus600 may serve as the main information highway interconnecting the otherillustrated components of the hardware. A CPU 605 is the centralprocessing unit of the system, performing calculations and logicoperations required to execute a program. The CPU 605, alone or inconjunction with one or more of the other elements disclosed in FIG. 6,is an illustrative processing device, computing device or processor assuch terms are used within this disclosure. Read only memory (ROM) 610and random access memory (RAM) 615 constitute illustrative memorydevices (i.e., processor-readable non-transitory storage media).

A controller 620 interfaces with one or more optional memory devices 625to the system bus 600. These memory devices 625 may include, forexample, an external or internal DVD drive, a CD ROM drive, a harddrive, flash memory, a USB drive, or the like. As indicated previously,these various drives and controllers are optional devices.

Program instructions, software, or interactive modules for providing theinterface and performing any querying or analysis associated with one ormore data sets may be stored in the ROM 610 and/or the RAM 615.Optionally, the program instructions may be stored on a tangiblecomputer-readable medium such as a compact disk, a digital disk, flashmemory, a memory card, a USB drive, an optical disc storage medium, suchas a Blu-ray™ disc, and/or other non-transitory storage media.

An optional display interface 630 may permit information from the bus300 to be displayed on the display 635 in audio, visual, graphic, oralphanumeric format, such as the interface previously described herein.Communication with external devices, such as a print device, may occurusing various communication ports 640. An illustrative communicationport 640 may be attached to a communications network, such as theInternet, an intranet, or the like.

The hardware may also include an interface 645 which allows for receiptof data from input devices such as a keyboard 650 or other input device655 such as a mouse, a joystick, a touch screen, a remote control, apointing device, a video input device and/or an audio input device.

The hardware may also include a storage device 660 such as, for example,a connected storage device, a server, and an offsite remote storagedevice. Illustrative offsite remote storage devices may include harddisk drives, optical drives, tape drives, cloud storage drives, and/orthe like. The storage device 660 may be configured to store data asdescribed herein, which may optionally be stored on a database 665. Thedatabase 665 may be configured to store information in such a mannerthat it can be indexed and searched, as described herein.

The computing device of FIG. 6 and/or components thereof may be used tocarry out the various processes as described herein.

FIGS. 7-12 depict illustrative user interfaces according to variousembodiments. The various user interfaces described herein are notlimited by this disclosure and may be provided on any type of device.Illustrative examples include a computing device, an electronic device,a mobile device, and a physical installation, such as a freestanding PINpad or the like. Thus, a user may interact with the user interface byusing an interface device such as a keyboard, a mouse, a touch screen,and/or the like, or by interacting with physical elements. The userinterface may generally display information for the user in a mannerthat allows the user to visualize and/or manipulate the information. Insome embodiments, the user interface may provide a game, monitor theuser's inputs in following instructions, attempting the game, and/orcompleting the game, and/or store the inputs such that a user'stendencies can be learned. Some non-limiting, illustrative userinterfaces that may be used are described below.

FIG. 7 depicts an illustrative user interface, generally designated 700,according to an embodiment. The user interface 700 may generally beconfigured to provide a command area 705 containing instructions for theuser to follow and/or a response area 710 for receiving inputs from theuser in response to the instructions provided in the command area. Insome embodiments, the command area 705 may be provided at substantiallythe same time as the response area 710. In other embodiments, thecommand area 705 may be provided prior to the response area 710.Accordingly, the user may be required to remember the instructions inthe command area 705 before providing a response, thereby providing anadditional layer of protection against unauthorized users. As shown inFIG. 7, the response area 710 may be a maze. In such a response area710, the user may generally be required to trace a path from a startportion to and end portion of the maze to verify that he/she is a humanuser to access the secured resource. In some embodiments, each path inthe maze taken by the user may be unique and may be known to the userbefore traversing the maze and/or traversed in a particular amount oftime. In some embodiments, the maze may include one or more signposts orthe like that may be traversed in a particular order that is unique tothe user.

Similar to FIG. 7, FIG. 8 depicts an illustrative user interface,generally designated 800, according to an embodiment. The user interface800 may generally provide a command area 805 containing instructions forthe user to follow and/or a response area 810 for receiving inputs fromthe user in response to the instructions provided in the command area.In some embodiments, the command area 805 may be provided atsubstantially the same time as the response area 810. In otherembodiments, the command area 805 may be provided prior to the responsearea 810. Accordingly, the user may be required to remember theinstructions in the command area 805 before providing a response,thereby providing an additional layer of protection against unauthorizedusers. As shown in FIG. 8, the response area 810 may contain a pluralityof objects, such as, for example, balloons. Each object may be in afixed location or may move around the user interface. In someembodiments, the location of each object may be random. Each object maycontain, for example, a character such as a number, a letter, a symbol,and/or the like. In such a response area 810, the user may generally berequired to complete a task to “input” a particular character. In someembodiments, the user may enter a specific sequence of characters suchas a PIN number by tapping and/or clicking on the object thatcorresponds to the specific sequence. In particular embodiments wherethe object is moving, the user may tap and/or click in varying locationsdepending on the location of the object containing the character he/shewishes to select. Such embodiments may discourage bots, which may not beable to track the movement of each object and/or select an appropriatesequence of characters. In addition, it may be difficult for ashoulder-surfing person to obtain the PIN code because of the randomplacement and/or movement of the objects.

FIG. 9 depicts an illustrative user interface, generally designated 900,according to an embodiment. The user interface 900 may generally providea command area 905 containing instructions for the user to follow, afirst response area 910, and/or a second response area 915. A user maygenerally provide one or more inputs in response to the command in atleast one of the first response area 910 and the second response area915. In some embodiments, the command area 905 may be provided atsubstantially the same time as at least one of the first response area910 and the second response area 915. In other embodiments, the commandarea 905 may be provided prior to at least one of the first responsearea 910 and the second response area 915. Accordingly, the user may berequired to remember the instructions in the command area 905 beforeproviding a response, thereby providing an additional layer ofprotection against unauthorized users. As shown in FIG. 9, the firstresponse area 910 may contain a plurality of objects, such as, forexample, balloons. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. Each object may contain, for example, a charactersuch as a number, a letter, a symbol, and/or the like. In the firstresponse area 910, the user may generally be required to complete a taskto “input” a particular character. In some embodiments, the user mayenter a specific sequence of characters such as a PIN number by tapping,clicking, and/or dragging on the object that corresponds to the specificsequence to the second response area 915. In particular embodimentswhere the object is moving, the user may tap and/or click in varyinglocations depending on the location of the object containing thecharacter he/she wishes to select. Such embodiments may discourage bots,which may not be able to track the movement of each object and/or selectan appropriate sequence of characters. In some embodiments, the user mayrearrange the objects in the second response area 915 after they havebeen moved from the first response area 910.

FIG. 10 depicts an illustrative user interface, generally designated1000, according to an embodiment. The user interface 1000 may generallyprovide a command area 1005 containing instructions for the user tofollow and/or a response area 1010 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1005 may be provided at substantially thesame time as the response area 1010. In other embodiments, the commandarea 1005 may be provided prior to the response area 1010. Accordingly,the user may be required to remember the instructions in the commandarea 1005 before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 10, theresponse area 1010 may contain a plurality of objects, such as, forexample, fruit. Thus, the objects in the response area 1010 may vary insize and/or shape. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. Each object may contain, for example, a charactersuch as a number, a letter, a symbol, and/or the like. In such aresponse area 1010, the user may generally be required to complete atask to “input” a particular character, such as, for example, slicingthe fruit. In some embodiments, the user may enter a specific sequenceof characters such as a PIN number by tapping, clicking, swiping, and/orthe like on the object that corresponds to the specific sequence. Inparticular embodiments where the object is moving, the user may providean input in varying locations depending on the location of the objectcontaining the character he/she wishes to select. Such embodiments maydiscourage bots, which may not be able to track the movement of eachobject, select an appropriate sequence of characters, and/or provide thenecessary “slicing” motions.

FIG. 11 depicts an illustrative user interface, generally designated1100, according to an embodiment. The user interface 1100 may generallyprovide a command area 1105 containing instructions for the user tofollow and/or a response area 1110 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1105 may be provided at substantially thesame time as the response area 1110. In other embodiments, the commandarea 1105 may be provided prior to the response area 1110. In someembodiments, the command area 1105 may randomly change each time theuser attempts to access the user interface 1100. Accordingly, the usermay be required to remember the instructions in the command area 1105each time before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 11, theresponse area 1110 may contain a plurality of objects, such as, forexample, fruit. Thus, the objects in the response area 1110 may vary insize and/or shape. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. In such a response area 1110, the user maygenerally be required to complete a task in response to the command,such as, for example, peel and/or slice a particular piece of fruit.Thus, the user may be required to recognize which piece of fruit is tobe manipulated, and must provide particular inputs that mimic the tasksrequested in the command area 1105. In particular embodiments where theobject is moving, the user may provide an input in varying locationsdepending on the location of the object he/she is requested tomanipulate. Such embodiments may discourage bots, which may not be ableto determine the difference between objects, track the movement of eachobject, select the appropriate object, and/or provide the necessarymotions corresponding to the required task.

FIG. 12 depicts an illustrative user interface, generally designated1200, according to an embodiment. The user interface 1200 may generallyprovide a command area 1205 containing instructions for the user tofollow and/or a response area 1210 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1205 may be provided at substantially thesame time as the response area 1210. In other embodiments, the commandarea 1205 may be provided prior to the response area 1210. Accordingly,the user may be required to remember the instructions in the commandarea 1205 before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 12, theresponse area 1210 may contain a plurality of objects. Each object maybe in a fixed location or may move around the user interface. In someembodiments, the location of each object may be random. Each object maycontain, for example, a character such as a number, a letter, a symbol,and/or the like. In such a response area 1210, the user may generally berequired to complete a task to “input” one or more characters. In someembodiments, the user may enter a specific sequence of characters suchas a PIN number by tapping and/or clicking on any object that does notcorrespond to the specific sequence to remove the characters. Inparticular embodiments where the object is moving, the user may tapand/or click in varying locations depending on the location of theobject containing the character he/she wishes to remove. Suchembodiments may discourage bots, which may not be able to track themovement of each object and/or select an appropriate sequence ofcharacters.

In the above detailed description, reference is made to the accompanyingdrawings, which form a part hereof. In the drawings, similar symbolstypically identify similar components, unless context dictatesotherwise. The illustrative embodiments described in the detaileddescription, drawings, and claims are not meant to be limiting. Otherembodiments may be used, and other changes may be made, withoutdeparting from the spirit or scope of the subject matter presentedherein. It will be readily understood that the aspects of the presentdisclosure, as generally described herein, and illustrated in theFigures, can be arranged, substituted, combined, separated, and designedin a wide variety of different configurations, all of which areexplicitly contemplated herein.

The present disclosure is not to be limited in terms of the particularembodiments described in this application, which are intended asillustrations of various aspects. Many modifications and variations canbe made without departing from its spirit and scope, as will be apparentto those skilled in the art. Functionally equivalent methods andapparatuses within the scope of the disclosure, in addition to thoseenumerated herein, will be apparent to those skilled in the art from theforegoing descriptions. Such modifications and variations are intendedto fall within the scope of the appended claims. The present disclosureis to be limited only by the terms of the appended claims, along withthe full scope of equivalents to which such claims are entitled. It isto be understood that this disclosure is not limited to particularmethods, reagents, compounds, compositions or biological systems, whichcan, of course, vary. It is also to be understood that the terminologyused herein is for the purpose of describing particular embodimentsonly, and is not intended to be limiting.

With respect to the use of substantially any plural and/or singularterms herein, those having skill in the art can translate from theplural to the singular and/or from the singular to the plural as isappropriate to the context and/or application. The varioussingular/plural permutations may be expressly set forth herein for sakeof clarity.

It will be understood by those within the art that, in general, termsused herein, and especially in the appended claims (for example, bodiesof the appended claims) are generally intended as “open” terms (forexample, the term “including” should be interpreted as “including butnot limited to,” the term “having” should be interpreted as “having atleast,” the term “includes” should be interpreted as “includes but isnot limited to,” et cetera). While various compositions, methods, anddevices are described in terms of “comprising” various components orsteps (interpreted as meaning “including, but not limited to”), thecompositions, methods, and devices can also “consist essentially of” or“consist of” the various components and steps, and such terminologyshould be interpreted as defining essentially closed-member groups. Itwill be further understood by those within the art that if a specificnumber of an introduced claim recitation is intended, such an intentwill be explicitly recited in the claim, and in the absence of suchrecitation no such intent is present. For example, as an aid tounderstanding, the following appended claims may contain usage of theintroductory phrases “at least one” and “one or more” to introduce claimrecitations. However, the use of such phrases should not be construed toimply that the introduction of a claim recitation by the indefinitearticles “a” or “an” limits any particular claim containing suchintroduced claim recitation to embodiments containing only one suchrecitation, even when the same claim includes the introductory phrases“one or more” or “at least one” and indefinite articles such as “a” or“an” (for example, “a” and/or “an” should be interpreted to mean “atleast one” or “one or more”); the same holds true for the use ofdefinite articles used to introduce claim recitations. In addition, evenif a specific number of an introduced claim recitation is explicitlyrecited, those skilled in the art will recognize that such recitationshould be interpreted to mean at least the recited number (for example,the bare recitation of “two recitations,” without other modifiers, meansat least two recitations, or two or more recitations). Furthermore, inthose instances where a convention analogous to “at least one of A, B,and C, et cetera” is used, in general such a construction is intended inthe sense one having skill in the art would understand the convention(for example, “a system having at least one of A, B, and C” wouldinclude but not be limited to systems that have A alone, B alone, Calone, A and B together, A and C together, B and C together, and/or A,B, and C together, et cetera). In those instances where a conventionanalogous to “at least one of A, B, or C, et cetera” is used, in generalsuch a construction is intended in the sense one having skill in the artwould understand the convention (for example, “a system having at leastone of A, B, or C” would include but not be limited to systems that haveA alone, B alone, C alone, A and B together, A and C together, B and Ctogether, and/or A, B, and C together, et cetera). It will be furtherunderstood by those within the art that virtually any disjunctive wordand/or phrase presenting two or more alternative terms, whether in thedescription, claims, or drawings, should be understood to contemplatethe possibilities of including one of the terms, either of the terms, orboth terms. For example, the phrase “A or B” will be understood toinclude the possibilities of “A” or “B” or “A and B.”

In addition, where features or aspects of the disclosure are describedin terms of Markush groups, those skilled in the art will recognize thatthe disclosure is also thereby described in terms of any individualmember or subgroup of members of the Markush group.

As will be understood by one skilled in the art, for any and allpurposes, such as in terms of providing a written description, allranges disclosed herein also encompass any and all possible subrangesand combinations of subranges thereof. Any listed range can be easilyrecognized as sufficiently describing and enabling the same range beingbroken down into at least equal halves, thirds, quarters, fifths,tenths, et cetera As a non-limiting example, each range discussed hereincan be readily broken down into a lower third, middle third and upperthird, et cetera As will also be understood by one skilled in the artall language such as “up to,” “at least,” and the like include thenumber recited and refer to ranges which can be subsequently broken downinto subranges as discussed above. Finally, as will be understood by oneskilled in the art, a range includes each individual member. Thus, forexample, a group having 1-3 cells refers to groups having 1, 2, or 3cells. Similarly, a group having 1-5 cells refers to groups having 1, 2,3, 4, or 5 cells, and so forth.

Various of the above-disclosed and other features and functions, oralternatives thereof, may be combined into many other different systemsor applications. Various presently unforeseen or unanticipatedalternatives, modifications, variations or improvements therein may besubsequently made by those skilled in the art, each of which is alsointended to be encompassed by the disclosed embodiments.

What is claimed is:
 1. A system comprising: a processor; and anon-transitory, processor-readable storage medium, wherein thenon-transitory, processor-readable storage medium comprises one or moreprogramming instructions that, when executed, cause the processor to:receive a request to access a secured resource; provide a verificationchallenge to a user via a user interface, wherein the verificationchallenge comprises a game; receive at least one input from the user inresponse to the verification challenge; and determine that the at leastone input corresponds to at least one parameter indicative of a humanuser.
 2. The system of claim 1, further comprising one or moreprogramming instructions that, when executed, cause the processor togrant the user access to the secured resource.
 3. The system of claim 1,wherein the game comprises at least one of a floating balloon game, amaze game, a cutting game, a puzzle game, and a memory game.
 4. Thesystem of claim 1, wherein the game is randomly selected from aplurality of game formats.
 5. The system of claim 1, wherein theparameter comprises at least one of a passcode, a completion of anassigned task, an amount of time that has elapsed between providing theverification challenge and receiving the at least one input, a knownphysical trait of an authorized user, and a location of an electronicdevice.
 6. The system of claim 5, wherein the parameter comprises theamount of time that has elapsed between providing the verificationchallenge and receiving the at least one input, and wherein the amountof time is greater than a minimum amount of time and less than a maximumamount of time.
 7. A system comprising: a processor; and anon-transitory, processor-readable storage medium, wherein thenon-transitory, processor-readable storage medium comprises one or moreprogramming instructions that, when executed, cause the processor to:receive a request to access a secured resource; provide a verificationchallenge to a user via a user interface, wherein the verificationchallenge comprises a game; receive at least one input from the user inresponse to the verification challenge; and determine that the at leastone input does not correspond to at least one parameter indicative of ahuman user.
 8. The system of claim 7, further comprising one or moreprogramming instructions that, when executed, cause the processor todeny the user access to the secured resource.
 9. The system of claim 8,further comprising one or more programming instructions that, whenexecuted, cause the processor to provide a notification to the user ofdenied access.
 10. The system of claim 8, further comprising one or moreprogramming instructions that, when executed, cause the processor toprovide a notification of denied access to an administrator.
 11. Thesystem of claim 7, further comprising one or more programminginstructions that, when executed, cause the processor to direct astorage device to record identifying information of the user.
 12. Thesystem of claim 7, wherein the game comprises at least one of a floatingballoon game, a maze game, a cutting game, a puzzle game, and a memorygame.
 13. The system of claim 7, wherein the game is randomly selectedfrom a plurality of game formats.
 14. The system of claim 7, wherein theparameter comprises at least one of a passcode, a completion of anassigned task, an amount of time that has elapsed between providing theverification challenge and receiving the at least one input, a knownphysical trait of an authorized user, and a location of an electronicdevice.
 15. The system of claim 14, wherein the parameter comprises theamount of time that has elapsed between providing the verificationchallenge and receiving the at least one input, and wherein the amountof time is greater than a minimum amount of time and less than a maximumamount of time.
 16. A method comprising: receiving, by a processor, arequest to access a secured resource; providing, by the processor, averification challenge to a user via a user interface, wherein theverification challenge comprises a game; receiving, by the processor, atleast one input from the user in response to the verification challenge;and determining, by the processor, that the at least one inputcorresponds to at least one parameter indicative of a human user. 17.The method of claim 16, further comprising granting, by the processor,the user access to the secured resource.
 18. The method of claim 16,wherein the game comprises at least one of a floating balloon game, amaze game, a cutting game, a puzzle game, and a memory game.
 19. Themethod of claim 16, wherein the game is randomly selected from aplurality of game formats.
 20. The method of claim 16, wherein theparameter comprises at least one of a passcode, a completion of anassigned task, an amount of time that has elapsed between providing theverification challenge and receiving the at least one input, a knownphysical trait of an authorized user, and a location of an electronicdevice.
 21. The method of claim 20, wherein the parameter comprises theamount of time that has elapsed between providing the verificationchallenge and receiving the at least one input, and wherein the amountof time is greater than a minimum amount of time and less than a maximumamount of time.
 22. A method comprising: receiving, by a processor, arequest to access a secured resource; providing, by the processor, averification challenge to a user via a user interface, wherein theverification challenge comprises a game; receiving, by the processor, atleast one input from the user in response to the verification challenge;and determining, by the processor, that the at least one input does notcorrespond to at least one parameter indicative of a human user.
 23. Themethod of claim 22, further comprising denying, by the processor, theuser access to the secured resource.
 24. The method of claim 23, furthercomprising providing, by the processor, a notification to the user ofdenied access.
 25. The method of claim 23, further comprising providing,by the processor, a notification of denied access to an administrator.26. The method of claim 23, further comprising: providing, by theprocessor, a notification to the user of denied access; providing, bythe processor, a notification of denied access to an administrator; anddirecting, by the processor, a storage device to record identifyinginformation of the user.
 27. The method of claim 22, further comprisingdirecting, by the processor, a storage device to record identifyinginformation of the user.
 28. The method of claim 22, wherein the gamecomprises at least one of a floating balloon game, a maze game, acutting game, a puzzle game, and a memory game.
 29. The method of claim22, wherein the game is randomly selected from a plurality of gameformats.
 30. The method of claim 22, wherein the parameter comprises atleast one of a passcode, a completion of an assigned task, an amount oftime that has elapsed between providing the verification challenge andreceiving the at least one input, a known physical trait of anauthorized user, and a location of an electronic device.
 31. The methodof claim 30, wherein the parameter comprises the amount of time that haselapsed between providing the verification challenge and receiving theat least one input, and wherein the amount of time is greater than aminimum amount of time and less than a maximum amount of time.
 32. Asystem comprising: a processor; and a non-transitory, processor-readablestorage medium, wherein the non-transitory, processor-readable storagemedium comprises one or more programming instructions that, whenexecuted, cause the processor to: receive a request to access a securedresource; provide a verification challenge to a user via a userinterface, wherein the verification challenge comprises a game; receiveat least one input from the user in response to the verificationchallenge; and determine that the at least one input corresponds to atleast one parameter indicative of an authorized user.
 33. The system ofclaim 32, further comprising one or more programming instructions that,when executed, cause the processor to grant the user access to thesecured resource.
 34. The system of claim 32, wherein the game comprisesat least one of a floating balloon game, a maze game, a cutting game, apuzzle game, and a memory game.
 35. The system of claim 32, wherein thegame is randomly selected from a plurality of game formats.
 36. Thesystem of claim 32, wherein the parameter comprises at least one of apasscode, a completion of an assigned task, an amount of time that haselapsed between providing the verification challenge and receiving theat least one input, a known physical trait of an authorized user, and alocation of an electronic device.
 37. The system of claim 36, whereinthe parameter comprises the amount of time that has elapsed betweenproviding the verification challenge and receiving the at least oneinput, and wherein the amount of time is greater than a minimum amountof time and less than a maximum amount of time.
 38. A system comprising:a processor; and a non-transitory, processor-readable storage medium,wherein the non-transitory, processor-readable storage medium comprisesone or more programming instructions that, when executed, cause theprocessor to: receive a request to access a secured resource; provide averification challenge to a user via a user interface, wherein theverification challenge comprises a game; receive at least one input fromthe user in response to the verification challenge; and determine thatthe at least one input does not correspond to at least one parameterindicative of an authorized user.
 39. The system of claim 38, furthercomprising one or more programming instructions that, when executed,cause the processor to deny the user access to the secured resource. 40.The system of claim 39, further comprising one or more programminginstructions that, when executed, cause the processor to provide anotification to the user of denied access.
 41. The system of claim 39,further comprising one or more programming instructions that, whenexecuted, cause the processor to provide a notification of denied accessto an administrator.
 42. The system of claim 38, further comprising oneor more programming instructions that, when executed, cause theprocessor to direct a storage device to record identifying informationof the user.
 43. The system of claim 38, wherein the game comprises atleast one of a floating balloon game, a maze game, a cutting game, apuzzle game, and a memory game.
 44. The system of claim 38, wherein thegame is randomly selected from a plurality of game formats.
 45. Thesystem of claim 38, wherein the parameter comprises at least one of apasscode, a completion of an assigned task, an amount of time that haselapsed between providing the verification challenge and receiving theat least one input, a known physical trait of an authorized user, and alocation of an electronic device.
 46. The system of claim 45, whereinthe parameter comprises the amount of time that has elapsed betweenproviding the verification challenge and receiving the at least oneinput, and wherein the amount of time is greater than a minimum amountof time and less than a maximum amount of time.
 47. A method comprising:receiving, by a processor, a request to access a secured resource;providing, by the processor, a verification challenge to a user via auser interface, wherein the verification challenge comprises a game;receiving, by the processor, at least one input from the user inresponse to the verification challenge; and determining, by theprocessor, that the at least one input corresponds to at least oneparameter indicative of an authorized user.
 48. The method of claim 47,further comprising granting, by the processor, the user access to thesecured resource.
 49. The method of claim 47, wherein the game comprisesat least one of a floating balloon game, a maze game, a cutting game, apuzzle game, and a memory game.
 50. The method of claim 47, wherein thegame is randomly selected from a plurality of game formats.
 51. Themethod of claim 47, wherein the parameter comprises at least one of apasscode, a completion of an assigned task, an amount of time that haselapsed between providing the verification challenge and receiving theat least one input, a known physical trait of an authorized user, and alocation of an electronic device.
 52. The method of claim 51, whereinthe parameter comprises the amount of time that has elapsed betweenproviding the verification challenge and receiving the at least oneinput, and wherein the amount of time is greater than a minimum amountof time and less than a maximum amount of time.
 53. A method comprising:receiving, by a processor, a request to access a secured resource;providing, by the processor, a verification challenge to a user via auser interface, wherein the verification challenge comprises a game;receiving, by the processor, at least one input from the user inresponse to the verification challenge; and determining, by theprocessor, that the at least one input does not correspond to at leastone parameter indicative of an authorized user.
 54. The method of claim53, further comprising denying, by the processor, the user access to thesecured resource.
 55. The method of claim 54, further comprisingproviding, by the processor, a notification to the user of deniedaccess.
 56. The method of claim 54, further comprising providing, by theprocessor, a notification of denied access to an administrator.
 57. Themethod of claim 54, further comprising: providing, by the processor, anotification to the user of denied access; providing, by the processor,a notification of denied access to an administrator; and directing, bythe processor, a storage device to record identifying information of theuser.
 58. The method of claim 53, further comprising directing, by theprocessor, a storage device to record identifying information of theuser.
 59. The method of claim 53, wherein the game comprises at leastone of a floating balloon game, a maze game, a cutting game, a puzzlegame, and a memory game.
 60. The method of claim 53, wherein the game israndomly selected from a plurality of game formats.
 61. The method ofclaim 53, wherein the parameter comprises at least one of a passcode, acompletion of an assigned task, an amount of time that has elapsedbetween providing the verification challenge and receiving the at leastone input, a known physical trait of an authorized user, and a locationof an electronic device.
 62. The method of claim 61, wherein theparameter comprises the amount of time that has elapsed betweenproviding the verification challenge and receiving the at least oneinput, and wherein the amount of time is greater than a minimum amountof time and less than a maximum amount of time.